get rid of ValidateAndUnpackCertWithCertPools

Signed-off-by: Dmitry S <dsavints@gmail.com>
sigstore · Feb 14, 2024 · 44e0ff5 · 44e0ff5
1 parent eaaafe0
commit 44e0ff5
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 11 deletions.
diff --git a/cmd/cosign/cli/verify/verify.go b/cmd/cosign/cli/verify/verify.go
@@ -293,7 +293,10 @@ func (c *VerifyCommand) Exec(ctx context.Context, images []string) (err error) {
 					return err
 				}
 			} else {
-				pubKey, err = cosign.ValidateAndUnpackCertWithCertPools(cert, co)
+				if co.RootCerts == nil {
+					return errors.New("no CA roots provided to validate certificate")
+				}
+				pubKey, err = cosign.ValidateAndUnpackCert(cert, co)
 				if err != nil {
 					return err
 				}

diff --git a/pkg/cosign/verify.go b/pkg/cosign/verify.go
@@ -432,16 +432,6 @@ func ValidateAndUnpackCertWithChain(cert *x509.Certificate, chain []*x509.Certif
 	return ValidateAndUnpackCert(cert, co)
 }
 
-// ValidateAndUnpackCertWithCertPools creates a Verifier from a certificate. Verifies that the certificate
-// chains up to the provided root. CheckOpts should contain a pool of CA Roots and optionally the Intermediates.
-// Optionally verifies the subject and issuer of the certificate.
-func ValidateAndUnpackCertWithCertPools(cert *x509.Certificate, co *CheckOpts) (signature.Verifier, error) {
-	if co.RootCerts == nil {
-		return nil, errors.New("no CA roots provided to validate certificate")
-	}
-	return ValidateAndUnpackCert(cert, co)
-}
-
 func tlogValidateEntry(ctx context.Context, client *client.Rekor, rekorPubKeys *TrustedTransparencyLogPubKeys,
 	sig oci.Signature, pem []byte) (*models.LogEntryAnon, error) {
 	b64sig, err := sig.Base64Signature()